Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes
Three unpatched high-severity security flaws have been disclosed in the NGINX Ingress controller for Kubernetes that could be weaponized by...
Month: October 2023
8 Base Ransomware Victim: ZINSER GmbH
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
8 Base Ransomware Victim: Wilson Lewis
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
8 Base Ransomware Victim: IBACOS
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Pirate IPTV network in Austria dismantled and $1.74 million seized
The Austrian police have arrested 20 people across the country linked to an illegal IPTV network that, between 2016 and...
New Hunters International ransomware possible rebrand of Hive
A new ransomware-as-a-service brand named Hunters International has emerged using code used by the Hive ransomware operation, leading to the...
MemeChat – 4,348,570 breached accounts
HIBP In mid-2022, "the ultimate hub of memes" MemeChat suffered a data breach that exposed 7.4M records. Alleged to be...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on October 24, 2023. This...
CISA: VMware Releases Security Advisory for vCenter Server
VMware Releases Security Advisory for vCenter Server VMware released a security advisory for vulnerabilities (CVE-2023-34048, CVE-2023-34056) affecting the VMware vCenter...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities
CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities Today, CISA updated its guidance addressing two vulnerabilities, CVE-2023-20198...
CISA: Mozilla Releases Security Advisories for Multiple Products
Mozilla Releases Security Advisories for Multiple Products Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird. A...
CISA: Apple Releases Security Advisories for Multiple Products
Apple Releases Security Advisories for Multiple Products Apple has released security updates to address vulnerabilities in multiple products. A cyber...
CISA: CISA Releases Nine Industrial Control Systems Advisories
CISA Releases Nine Industrial Control Systems Advisories CISA released nine Industrial Control Systems (ICS) advisories on October 26, 2023. These...
CISA: CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities With Additional Releases
CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities With Additional Releases Today, CISA updated its guidance addressing...
CISA: CISA Announces Launch of Logging Made Easy
CISA Announces Launch of Logging Made Easy Today, CISA announces the launch of a new version of Logging Made Easy (LME)(link...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
US-CERT Vulnerability Summary for the Week of October 16, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info1e -- platformAffected 1E Platform versions have a Blind SQL Injection vulnerability...
PatchaPalooza – A Comprehensive Tool That Provides An Insightful Analysis Of Microsoft’s Monthly Security Updates
A comprehensive tool that provides an insightful analysis of Microsoft's monthly security updates. IF you are interested in seing all...
HackerOne Bug Bounty Disclosure: b-bypass-report-submit-restriction-ban-using-the-api-key-b-light-r
Company Name: b'HackerOne' Company HackerOne URL: https://hackerone.com/security Submitted By:b'light3r'Link to Submitters Profile:https://hackerone.com/b'light3r' Report Title:b'Bypass report submit restriction/ban using the API...
Akira Ransomware Victim: Inventum Øst
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
browserify browserify-sign security bypass | CVE-2023-46234
NAME__________browserify browserify-sign security bypassPlatforms Affected:browserify browserify-sign 2.6.0 browserify browserify-sign 4.2.1Risk Level:7.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________browserify browserify-sign could allow a remote attacker to...
IBM i privilege escalation | CVE-2023-40685
NAME__________IBM i privilege escalationPlatforms Affected:IBM i 7.2 IBM i 7.3 IBM i 7.4 IBM i 7.5Risk Level:7.4Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Management Central...
Ashlar-Vellum Cobalt, Graphite, Xenon, Argon, Lithium, and Cobalt Share code execution | CVE-2023-39427
NAME__________Ashlar-Vellum Cobalt, Graphite, Xenon, Argon, Lithium, and Cobalt Share code executionPlatforms Affected:Ashlar-Vellum Cobalt 1204.77 Ashlar-Vellum Graphite 13.0.48 Ashlar-Vellum Xenon 1204.77...
